From 29e42f5f3d5214216e004243867d72b140236d6e Mon Sep 17 00:00:00 2001
From: Torben Hansen <50673096+torben-hansen@users.noreply.github.com>
Date: Tue, 8 Jul 2025 12:46:51 -0700
Subject: [PATCH 1/2] Document and statically assert counters can't overflow
---
 crypto/fipsmodule/rand/entropy/tree_drbg_jitter_entropy.c | 2 ++
 crypto/fipsmodule/rand/internal.h | 1 +
 crypto/fipsmodule/rand/rand.c | 3 +++
 3 files changed, 6 insertions(+)
diff --git a/crypto/fipsmodule/rand/entropy/tree_drbg_jitter_entropy.c b/crypto/fipsmodule/rand/entropy/tree_drbg_jitter_entropy.c
index eda15624f9..7f704aa177 100644
--- a/crypto/fipsmodule/rand/entropy/tree_drbg_jitter_entropy.c
+++ b/crypto/fipsmodule/rand/entropy/tree_drbg_jitter_entropy.c
@@ -74,6 +74,8 @@ struct tree_jitter_drbg_t {
 // reseed_calls_since_initialization is the number of seed/reseed calls made
 // on |drbg| since its initialization.
+ // We assume 2^64-1 is an upper limit on number of reseeds. Type must support
+ // that.
 uint64_t reseed_calls_since_initialization;
 // generation_number caches the UBE generation number.
diff --git a/crypto/fipsmodule/rand/internal.h b/crypto/fipsmodule/rand/internal.h
index ff0f68c0e6..72733555ce 100644
--- a/crypto/fipsmodule/rand/internal.h
+++ b/crypto/fipsmodule/rand/internal.h
@@ -45,6 +45,7 @@ struct ctr_drbg_state_st {
 uint8_t counter[16];
 uint64_t reseed_counter;
 };
+OPENSSL_STATIC_ASSERT((sizeof((struct ctr_drbg_state_st*)0)->reseed_counter) * 8 >= 48, value_can_overflow);
 // CTR_DRBG_init initialises |*drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of
 // entropy in |entropy| and, optionally, a personalization string up to
diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index f402a1ccc7..4d18babd0f 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c
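Review bot: The comment added above `reseed_calls_since_initialization` states a bound (2^64-1) that `uint64_t` meets by definition, so it gives a reader nothing to check, and unlike the other two counters touched in this patch no static assert backs it. The assumption actually being relied on is that 2^64 reseeds is unreachable over the life of a DRBG instance, so the increment site (outside this hunk) presumably has no wrap-around guard; the comment should say that rather than restate the type's range. Suggest `// Bounded only by the assumption that 2^64-1 reseeds is unreachable in practice; no wrap-around check is made.` The identical wording added to rand.c in this patch has the same problem. struct tree_jitter_drbg_t begins and ends outside the hunk.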
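Review bot: The new OPENSSL_STATIC_ASSERT on `reseed_counter` hard-codes two unexplained numbers: the `* 8` assumes an 8-bit byte (`CHAR_BIT` from <limits.h> says what is meant, if the header's conventions allow it) and the `48` is presumably the 2^48 reseed interval that SP 800-90A permits for CTR_DRBG. The assert only guarantees that bound is representable; it cannot by itself stop the counter from wrapping, which has to come from the runtime reseed check elsewhere, so the comment should make that division of responsibility explicit. The message `value_can_overflow` will appear in the compiler diagnostic worded as if it were the normal case; `reseed_counter_too_narrow` reads correctly. Suggest above the assert: `// reseed_counter must be able to hold the SP 800-90A reseed interval (2^48); the runtime reseed check, not this assert, prevents wrap-around.` `sizeof((struct ctr_drbg_state_st*)0)->reseed_counter` parses as intended but reads as if sizeof applied to the cast; `sizeof(((struct ctr_drbg_state_st*)0)->reseed_counter)` is clearer.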
@@ -23,6 +23,8 @@ struct rand_thread_local_state {
 // reseed_calls_since_initialization is the number of reseed calls made on
 // |drbg| since its initialization.
+ // We assume 2^64-1 is an upper limit on number of reseeds. Type must support
+ // that.
 uint64_t reseed_calls_since_initialization;
 // generation_number caches the UBE generation number.
@@ -39,6 +41,7 @@ struct rand_thread_local_state {
 // process exit.
 CRYPTO_MUTEX state_clear_lock;
 };
+OPENSSL_STATIC_ASSERT((sizeof((struct rand_thread_local_state*)0)->generate_calls_since_seed) * 8 >= 48, value_can_overflow);
 DEFINE_BSS_GET(struct rand_thread_local_state *, thread_states_list_head)
 DEFINE_STATIC_MUTEX(thread_local_states_list_lock)
From ffa0f12d39c173d2d9274b1c04f324ed26a7d23a Mon Sep 17 00:00:00 2001
From: Torben Hansen <50673096+torben-hansen@users.noreply.github.com>
Date: Tue, 8 Jul 2025 13:12:36 -0700
Subject: [PATCH 2/2] Remove redundant semi-colon...
---
 crypto/fipsmodule/rand/internal.h | 2 +-
 crypto/fipsmodule/rand/rand.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/fipsmodule/rand/internal.h b/crypto/fipsmodule/rand/internal.h
index 72733555ce..7ce0fc0750 100644
--- a/crypto/fipsmodule/rand/internal.h
+++ b/crypto/fipsmodule/rand/internal.h
@@ -45,7 +45,7 @@ struct ctr_drbg_state_st {
 uint8_t counter[16];
 uint64_t reseed_counter;
 };
-OPENSSL_STATIC_ASSERT((sizeof((struct ctr_drbg_state_st*)0)->reseed_counter) * 8 >= 48, value_can_overflow);
+OPENSSL_STATIC_ASSERT((sizeof((struct ctr_drbg_state_st*)0)->reseed_counter) * 8 >= 48, value_can_overflow)
 // CTR_DRBG_init initialises |*drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of
 // entropy in |entropy| and, optionally, a personalization string up to
diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index 4d18babd0f..6e5d824bd3 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c
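Review bot: The assert added after `struct rand_thread_local_state` constrains `generate_calls_since_seed`, a member declared outside this hunk, to a bare `48` that is not tied to whatever constant the generate path compares the counter against before reseeding; if that interval is ever changed, this assert will not notice, and nothing nearby says where 48 comes from. Prefer to state the bound in terms of that reseed-interval constant, or at least add `// 2^48 is the largest reseed interval SP 800-90A permits for CTR_DRBG; the runtime reseed check is what prevents wrap-around` above the assert, and consider placing the assert next to the member it constrains. As in internal.h, the message `value_can_overflow` is worded as a fact rather than a failure; `generate_counter_too_narrow` reads correctly in the diagnostic. The struct definition begins outside the hunk.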
@@ -41,7 +41,7 @@ struct rand_thread_local_state {
 // process exit.
 CRYPTO_MUTEX state_clear_lock;
 };
-OPENSSL_STATIC_ASSERT((sizeof((struct rand_thread_local_state*)0)->generate_calls_since_seed) * 8 >= 48, value_can_overflow);
+OPENSSL_STATIC_ASSERT((sizeof((struct rand_thread_local_state*)0)->generate_calls_since_seed) * 8 >= 48, value_can_overflow)
 DEFINE_BSS_GET(struct rand_thread_local_state *, thread_states_list_head)
 DEFINE_STATIC_MUTEX(thread_local_states_list_lock)